Reading the title you might think I want to put developers in Jail and although some may be good candidates this is in the far opposite of my intention. I am talking about FreeBSD Jails. For the unfamiliar with the concept those Jails are userland secure contained environments that share a common kernel. Purists and […]
Abandon Linux. Jails for developers.
How to install Fail2ban on FreeBSD
Fail2ban is a complementary tool to your firewall. It works by scanning log files and bans IPs which present suspicious activity such as failed logins. It is compatible with many UNIX-like systems and is a security tool to have in your arsenal. It can filter not only ssh logins, but other services too, for example […]
How to secure FreeBSD (server minimal edition)
This is a very simple and easy to follow guide on securely administer your FreeBSD server. That said I am not a security expert although I’ve gained some knowledge as time goes by. Not pretending to be the definitive guide this article is an introduction on how to secure FreeBSD in which I will tackle […]
A brief introduction to Regular Expressions
A regular expression is a set of characters, a string of characters if you will, that specify a pattern. Ever used the grep command? It makes use of them. The ‘grep’ command is very handful when one needs to look for certain things inside a text file, or looking for some specific pattern from another […]
How to install sudo in FreeBSD
Sudo is a very useful application. It allows a regular user to perform tasks only reserved to the root account. There is lots of documentation about sudo and there is even a book about it called “Sudo Mastery”. If you need to investigate deep on this, buy it. Why do you need this? Well… Everyone […]
How to harden Apache HTTP
Disclaimer: This is a long article. I haven’t collected some nice configuration settings here for the sake of it. There are other hardening guides but some fall short on explaining the functionalities to be enabled or disabled. Every step is shortly, and hopefully clearly, explained so any reader can grasp the main idea of every […]
How to detect a WAF – Web Application Firewall
From a penetration testing perspective to identify if a Web Application Firewall (WAF) is in place is essential. The next question is, does an administrator need to know this? My view is, anyone who is in charge of any system that has implemented some sort of WAF needs to verify this tool is working, at […]
How to configure a Virtual Host in Apache
You may have just one website and that is ok. If that is your case you can avoid this entire chapter. But some of you may also have several websites. And quite probably you want to use one single public ip to resolve all the domains you have. The Apache documentation is the main resource […]
How to use find in GNU/Linux and FreeBSD
How to use find is a very basic, but important, UNIX lesson. Find is a very useful command which can help us not just finding a particular file, but for examples files or directories matching certain criteria such as: size, permissions, type. The basic mode of operation for find is the following: find path criteria […]
How to mitigate Spectre and Meltdown on an HP Proliant server with FreeBSD
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]